Network routers occupy a key role in modern data transport and
consequently are attractive targets for attackers.
By manipulating, diverting or dropping packets arriving at a
compromised router, an attacker can trivially mount denial-of-service,
surveillance or man-in-the-middle attacks on end host systems.
We specify the problem of detecting routers with incorrect
packet forwarding behavior and we explore the design space of protocols that
implement such a detector. We further present a concrete protocol that is
inexpensive enough for practical implementation at scale.
We believe our work is an important step in being able to
tolerate attacks on key network infrastructure components.
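The abstract states the detection problem but not a mechanism, so the following is an added example of my own (not code from the book, and not the protocol it proposes) showing the smallest detector that makes the problem concrete: routers on a path report digests of what they received and what they forwarded, and a detector checks that honest routers conserve traffic and that neighbouring reports agree. The topology, the names (`Router`, `detect`, `simulate`), the `threshold` parameter and the packets are all assumptions constructed for the example.

```python
"""Added example, not code from the book: a minimal packet-forwarding
validator for the problem stated in the abstract.  The model, the names
(Router, detect, simulate, ...) and the invariants checked are this
example's own assumptions, not the book's protocol.

Topology: a path r0 -> r1 -> r2 -> r3 (r3 forwards to an implicit sink).
Per epoch each router reports to the detector a digest of what it received
from upstream and what it forwarded downstream.  The detector checks:
  conservation: per router, received == forwarded (up to `threshold`
                packets, allowing for congestion loss)
  agreement:    per link, upstream.forwarded == downstream.received
A compromised router may drop, alter, and/or lie (claim it forwarded
everything it received).  Lying defeats conservation but then breaks
agreement on its downstream link, which localises the fault to a pair of
routers, not to one of them: reports must be authenticated, and even then
the detector cannot tell which endpoint of that link lied.
"""
from __future__ import annotations

import hashlib
from collections import Counter
from dataclasses import dataclass, field


def fingerprint(pkt: bytes) -> str:
    """Short hash so an altered packet reads as 'one missing, one new'."""
    return hashlib.sha256(pkt).hexdigest()[:16]


@dataclass
class Router:
    name: str
    drop: frozenset = frozenset()               # packets silently discarded
    tamper: dict = field(default_factory=dict)  # packet -> altered packet
    lie: bool = False                           # report forwarded == received
    received: list = field(default_factory=list)
    forwarded: list = field(default_factory=list)

    def handle(self, pkt: bytes):
        self.received.append(pkt)
        if pkt in self.drop:
            return None
        out = self.tamper.get(pkt, pkt)
        self.forwarded.append(out)
        return out

    def report(self) -> tuple:
        rx = Counter(fingerprint(p) for p in self.received)
        tx = rx if self.lie else Counter(fingerprint(p) for p in self.forwarded)
        return rx, tx


def run_epoch(path: list, packets: list) -> None:
    """Push each packet hop by hop until it is delivered or dropped."""
    for pkt in packets:
        cur = pkt
        for r in path:
            cur = r.handle(cur)
            if cur is None:
                break


def detect(path: list, threshold: int = 0) -> list:
    """Return (check, location) findings from the routers' own reports."""
    reports = {r.name: r.report() for r in path}
    findings = []
    for r in path:
        rx, tx = reports[r.name]
        missing, extra = rx - tx, tx - rx   # Counter subtraction keeps positives
        if sum(missing.values()) > threshold or extra:
            findings.append(("conservation", r.name))
    for up, down in zip(path, path[1:]):
        if reports[up.name][1] != reports[down.name][0]:
            findings.append(("agreement", f"{up.name}-{down.name}"))
    return findings


# Constructed sample traffic for one epoch (not real captures).
PACKETS = [b"pkt-%d" % i for i in range(5)]


def simulate(drop=(), tamper=None, lie=False, threshold=0) -> list:
    """r1 is the suspect router; everyone else is honest."""
    path = [Router("r0"),
            Router("r1", frozenset(drop), dict(tamper or {}), lie),
            Router("r2"), Router("r3")]
    run_epoch(path, PACKETS)
    return detect(path, threshold)


if __name__ == "__main__":
    print("honest        ", simulate())
    print("silent drop   ", simulate(drop=[PACKETS[2]]))
    print("drop + lie    ", simulate(drop=[PACKETS[2]], lie=True))
    print("alter in place", simulate(tamper={PACKETS[2]: b"pkt-2-evil"}))
    print("one loss ok   ", simulate(drop=[PACKETS[2]], threshold=1))
```

The two checks split the design space the abstract mentions: conservation alone catches a router that drops or alters packets but reports truthfully, while agreement between neighbours is what catches a router that also lies, at the cost of only narrowing the fault to a link. The `threshold` knob is where a real protocol has to separate malicious loss from ordinary congestion loss, which is the hard part of making such a detector cheap and accurate at scale.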

The Internet is not a safe place. Unsecured hosts can expect to be compromised within minutes of connecting
to the Internet. However, while such threats to host systems are widely understood, it is less well
appreciated that the network infrastructure itself is subject to constant attack as well. Indeed, through
combinations of social engineering and exploitation of weak passwords, attackers have seized control
of thousands of routers. By compromising a router, an attacker may interpose on the traffic stream and
manipulate it maliciously to attack others: selectively dropping, modifying or re-routing
packets. This work is an important step in being able to tolerate such attacks on key network
infrastructure components. This book is based on the author's doctoral research, which was recognized with
the William C. Carter Award in 2005: "The award has been presented annually since 1997 to recognize an
individual who has made a significant contribution to the field of dependable computing through his or her
graduate dissertation research. The award is sponsored by the IEEE Technical Committee on
Fault-Tolerant Computing and the IFIP WG-10.4 on Dependable Computing and Fault Tolerance."